Category FILE
Started On 2014-07-05 04:23:54
Completed On 2014-07-05 04:27:27
Duration 213 seconds
Cuckoo Version 1.2-dev

Machine machine4
Label xpmachine4
Manager VirtualBox
Started On 2014-07-05 04:23:55
Shutdown On 2014-07-05 04:27:26

File Details

File name report_id_875893475983475934759384.exe
File size 121856 bytes
File type PE32 executable (GUI) Intel 80386, for MS Windows
CRC32 F098282F
MD5 d80e956259c858eaccb53c1affaf8141
SHA1 7358e2d4879d4109c89400a4361ba8bb8e71b357
SHA256 6307c172aeabf69da9cc136691268842eebff98b5aa884749b18f9de9209a0b7
SHA512 eeda45b97914e7a00e6166f2e46070faabbff45eb6957dc0052383d17d0e5137b81ba268974f34bdc4c617397ad6e5cf0e241054145cd9dff93477b30a0660c1
Ssdeep None
PEiD None matched
Yara None matched
VirusTotal
Scan Date: 2014-07-05 08:22:59
Detection Rate: 5/53

Signatures

File has been identified by at least one AntiVirus on VirusTotal as malicious
Installs itself for autorun at Windows startup

Screenshots

Static Analysis

Version Infos

Sections

Imports

Strings

Dropped Files

Nothing to display.

Network Analysis

Hosts Involved

Behavior Summary

Files
  • C:\
Mutexes Nothing to display.
Registry Keys
  • HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Disk\Enum
  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall

Processes

report_id_875893475983475934759384.exe PID: 1048, Parent PID: 548

Volatility

Nothing to display.